Context:
- Amid all the celebration that rung in the new year, the Internet has also been flooded by an ominous slew of articles on the Meltdown and Spectre processor exploits. Unlike the occasional scare that affects only certain devices running specific hardware or software, and is usually easily fixed, these two likely impact pretty much anyone whose device uses an Intel processor (and in the case of Spectre, AMD and ARM processors as well).
A quick overview
- Essentially, Meltdown exploits hardware vulnerabilities by accessing data that processors pre-fetch in an attempt to speed up their working, but fail to completely delete from their caches afterwards. This issue affects Intel processors released as early as the mid 90s, but is being mitigated through patches released by Intel and other manufacturers, who use the company’s chips in their products.
- Spectre, on the other hand, affects more devices, and its ability to exploit software applications previously thought to have been made with no vulnerabilities makes it harder to counter, hence the name, as it will ‘haunt’ us for a while. The exploit can be leveraged through Javascript to steal data from browsers, and this feature makes it difficult to identify what form a hack can take.
Source:TH